RIPS

Developer(s): RIPS Technologies
Available in: PHP
Website: www.ripstech.com
Operating system: Cross-platform
Type: Static code analysis

RIPS (Re-Inforce PHP Security) is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. The initial tool was written by Johannes Dahse and released during the Month of PHP Security in May 2010 as open-source software. The open-source version is released under the GNU Lesser General Public License and was maintained until 2013.

In 2016, a new, rewritten version of RIPS was released as a software product by RIPS Technologies, a high-tech company based in Bochum, Germany. The new RIPS product overcomes limitations of the open-source tool and addresses industrial needs. Its novel analysis techniques were recognized with several awards, among them the Internet Defense Prize from Facebook.

Open-Source Version

The open-source version tokenizes PHP code (lexical analysis) using PHP's tokenizer extension and performs semantic analysis to build a program model. Based on the variable assignments it has already analyzed, it performs backwards-directed, inter-procedural taint analysis starting from sensitive sinks. Its strength is that it scans PHP applications very quickly for PHP-specific vulnerabilities. It supports the detection of 15 different vulnerability types, including Cross-Site Scripting, SQL Injection, Local File Inclusion, and others. Detected vulnerabilities are presented in a web interface with the minimal set of affected code lines and a vulnerability summary. For each vulnerability, an integrated code viewer can be opened to highlight the affected lines in the original source code for easy remediation. Help is also offered for understanding each vulnerability, and exploits can be generated automatically. The interface further lists the scanned PHP files, user-defined functions, and detected sources. The weakness of the open-source version is false positives, because it uses neither an abstract syntax tree nor a control flow graph. Its lack of support for object-oriented PHP code can also lead to false negatives. The latest stable release is version 0.54.
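As an added example that is not part of the RIPS code base, the following PHP script sketches the tokenizer-driven, backward-directed taint analysis described above: statements are assembled from the tokens that `token_get_all()` returns, sinks are located, and every variable reaching a sink is traced backwards through its assignments to a user-input source, with a short list of securing functions ending the taint. The source, sink and securing-function lists, the sample code and the function names (`statements`, `isTainted`, `scan`) are assumptions constructed for this example. Like the open-source tool, it has no control flow graph, so the `is_numeric` check in the sample does not stop the final `echo $id` from being reported; that is the kind of false positive the paragraph refers to.

```php
<?php
// Added example, not RIPS code: a toy backward-directed taint analysis built on
// PHP's tokenizer extension. Lists below are assumptions for this illustration.

const SOURCES  = ['$_GET', '$_POST', '$_REQUEST', '$_COOKIE'];
const SINKS    = ['echo' => 'XSS', 'mysql_query' => 'SQL Injection', 'mysqli_query' => 'SQL Injection'];
const SECURING = ['htmlspecialchars' => 'XSS', 'intval' => 'SQL Injection',
                  'mysqli_real_escape_string' => 'SQL Injection'];

// Split the token stream into statements (token lists ended by ';', '{' or '}'),
// dropping whitespace, comments and open/close tags. token_get_all() yields either
// [id, text, line] arrays or single-character strings for punctuation.
function statements(string $code): array {
    $stmts = []; $cur = [];
    foreach (token_get_all($code) as $tok) {
        if (is_array($tok) && in_array($tok[0], [T_WHITESPACE, T_COMMENT, T_OPEN_TAG, T_CLOSE_TAG], true)) continue;
        if ($tok === ';' || $tok === '{' || $tok === '}') { if ($cur) $stmts[] = $cur; $cur = []; continue; }
        $cur[] = $tok;
    }
    if ($cur) $stmts[] = $cur;
    return $stmts;
}

// Backward-directed check: walking from statement $idx towards the top, find the
// most recent "$var = <rhs>" and decide whether <rhs> is tainted for $vulnType.
// Intra-procedural and flow-insensitive: every earlier assignment is trusted, and
// conditions guarding the sink are ignored (no control flow graph).
function isTainted(array $stmts, string $var, int $idx, string $vulnType, array &$trace): bool {
    for ($i = $idx - 1; $i >= 0; $i--) {
        $s = $stmts[$i];
        if (!(is_array($s[0]) && $s[0][0] === T_VARIABLE && $s[0][1] === $var && ($s[1] ?? null) === '=')) continue;
        $trace[] = $s[0][2];                       // line of the assignment we followed
        foreach (array_slice($s, 2) as $t) {
            if (!is_array($t)) continue;
            // A securing function matching the vulnerability type ends the taint
            // (simplification: the first securing call seen clears the whole RHS).
            if ($t[0] === T_STRING && (SECURING[$t[1]] ?? null) === $vulnType) return false;
            if ($t[0] === T_VARIABLE) {
                if (in_array($t[1], SOURCES, true)) return true;   // reached user input
                if (isTainted($stmts, $t[1], $i, $vulnType, $trace)) return true;
            }
        }
        return false;   // most recent assignment is clean: stop searching
    }
    return false;       // never assigned before the sink
}

// Locate sinks ("echo ..." or a call to a sink function) and report each variable
// in the sink statement whose backward trace ends at a source.
function scan(string $code): array {
    $stmts = statements($code);
    $findings = [];
    foreach ($stmts as $idx => $s) {
        $vulnType = null;
        if (is_array($s[0]) && $s[0][0] === T_ECHO) {
            $vulnType = SINKS['echo'];
        } elseif (is_array($s[0]) && $s[0][0] === T_STRING && isset(SINKS[$s[0][1]]) && ($s[1] ?? null) === '(') {
            $vulnType = SINKS[$s[0][1]];
        }
        if ($vulnType === null) continue;
        foreach ($s as $t) {
            if (!is_array($t) || $t[0] !== T_VARIABLE) continue;
            $trace = [];
            if (in_array($t[1], SOURCES, true) || isTainted($stmts, $t[1], $idx, $vulnType, $trace)) {
                $findings[] = ['type' => $vulnType, 'line' => $t[2], 'var' => $t[1], 'trace' => $trace];
            }
        }
    }
    return $findings;
}

// Constructed sample application (nowdoc, so the $-variables are not interpolated here).
$sample = <<<'PHP'
<?php
$id   = $_GET['id'];                      // source
$name = htmlspecialchars($_POST['name']); // secured against XSS
$q    = "SELECT * FROM users WHERE id = $id";
mysql_query($q);                          // SQL Injection: $q <- $id <- $_GET
echo $name;                               // clean: htmlspecialchars ends the taint
if (!is_numeric($id)) { die('bad id'); }
echo $id;                                 // reported as XSS: the check above is not seen
PHP;

foreach (scan($sample) as $f) {
    printf("%-14s line %d: %s (via assignments on lines %s)\n",
           $f['type'], $f['line'], $f['var'], implode(',', $f['trace']) ?: '-');
}
```

Running the script reports the `mysql_query($q)` call on line 5 with the trace 4,2 (the `$q` assignment, then the `$id` assignment from `$_GET`) and the `echo $id` on line 8, while `echo $name` stays silent because the backward walk meets `htmlspecialchars` first. Because the token stream carries no control flow, the `is_numeric` guard on line 7 plays no role in the decision; an abstract syntax tree and control flow graph, as used by the commercial version, are what allow such conditions to be taken into account.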

Commercial Version

The commercial version was built from scratch and uses new code analysis techniques developed specifically for the intricate PHP language and its features. It relies on abstract syntax trees, control flow graphs, and context-sensitive taint analysis to accurately identify even complex security vulnerabilities, such as those based on second-order data flow or on misplaced security mechanisms. It also simulates PHP's built-in features and functions to minimize false positives. It supports the automated detection of over 40 different vulnerability types and has found critical security issues in popular open-source projects, including WordPress, phpMyAdmin, and Roundcube. In contrast to the open-source version, the commercial version supports PHP versions 3-7 and industry standards such as the OWASP Top 10, CWE, SANS 25 and PCI-DSS, and it can be integrated into the software development life cycle. RIPS is available as on-premises software and as Software-as-a-Service.
